diff options
author | Anderson Toshiyuki Sasaki <ansasaki@redhat.com> | 2020-12-11 12:34:27 +0100 |
---|---|---|
committer | Anderson Toshiyuki Sasaki <ansasaki@redhat.com> | 2021-01-12 12:54:18 +0100 |
commit | 486ad81974c9c7e6adfdd6ac710ebf199ba4add9 (patch) | |
tree | 4ec9e6aa0b813f8d0b31c2653eb135c759a000c9 /src/libcrypto.c | |
parent | c3ae1336fbefda2e71c68149d831b576ab001ac9 (diff) | |
download | libssh-486ad81974c9c7e6adfdd6ac710ebf199ba4add9.tar.gz libssh-486ad81974c9c7e6adfdd6ac710ebf199ba4add9.tar.xz libssh-486ad81974c9c7e6adfdd6ac710ebf199ba4add9.zip |
libcrypto: Use CRYPTO_memcmp() instead of memcmp
When comparing the authentication tag for chacha20-poly1305, use the
constant time CRYPTO_memcmp() instead of memcmp().
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'src/libcrypto.c')
-rw-r--r-- | src/libcrypto.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/libcrypto.c b/src/libcrypto.c index c5c0eac5..c14eeeea 100644 --- a/src/libcrypto.c +++ b/src/libcrypto.c @@ -1098,7 +1098,7 @@ chacha20_poly1305_aead_decrypt(struct ssh_cipher_struct *cipher, #endif /* DEBUG_CRYPTO */ /* Verify the calculated MAC matches the attached MAC */ - cmp = memcmp(tag, mac, POLY1305_TAGLEN); + cmp = CRYPTO_memcmp(tag, mac, POLY1305_TAGLEN); if (cmp != 0) { /* mac error */ SSH_LOG(SSH_LOG_PACKET, "poly1305 verify error"); |